Summary | invalid token when printing from frameset |
Queue | Horde Groupware Webmail Edition |
Queue Version | 5.1.3 |
Type | Bug |
State | Not A Bug |
Priority | 1. Low |
Owners | |
Requester | dav (at) geoazur (dot) unice (dot) fr |
Created | 01/20/2014 (4158 days ago) |
Due | |
Updated | 01/24/2014 (4154 days ago) |
Assigned | 01/22/2014 (4156 days ago) |
Resolved | 01/24/2014 (4154 days ago) |
Github Issue Link | |
Github Pull Request | |
Milestone | |
Patch | No |
State ⇒ Not A Bug
This is something that is handled by Horde_Url internally.
If someone is adding a frameset layer to Horde, it is their
responsibility to correctly encode URLs.
encode "&" in its own url, only when used inside a frameset. I
thought that this little glitch could be detected and managed inside
Horde (maybe we are not alone in using frames). But if you say that
this bug is not coming from Horde, ok the problem is really the
frameset so never mind. Thanks for your answers.
http://webmail.domain1/index.html is just
<frameset><frame src=https://server.domain2/horde/></frameset>
I think you can reproduce it easily.
framesets long ago (Horde 4.0 to be exact). We can't provide bug
support/fixes for something that doesn't exist in our code.
New Attachment: frameset.patch
http://webmail.domain1/index.html is just
<frameset><frame src=https://server.domain2/horde/></frameset>
I think you can reproduce it easily.
Then I don't understand why "&view_token=..." (not the other
parameters) is changed to "&view_token=..." in this case. Despite
that, all is working well so maybe it's a small glitch.
For now I solve it by adding a check of "amp;view_token" to checkToken
function in imp/lib/Contents/View.php but I guess it's not a clean
solution.
Priority ⇒ 1. Low
State ⇒ Feedback
Priority ⇒ 2. Medium
Type ⇒ Bug
Summary ⇒ invalid token when printing from frameset
Queue ⇒ Horde Groupware Webmail Edition
Milestone ⇒
Patch ⇒ No
State ⇒ Unconfirmed
mode) : login is Ok after setting "use_only_cookies" to false, but
view, print, etc. actions for mail/imp, open a new window with "fatal
error - invalid token".
However when using Horde with direct url, theses actions open correct windows.
Actually, when logging from frameset http://webmail.domain1/ then
trying to print a mail, url of the new window is
https://server.domain2/horde/imp/view.php?Horde=hhh&%3Bview_token=ttt-ttt&actionID=print_attach&buid=bbb&id=1&mailbox=mmm&token=ttt-ttt&uniq=uuu
whereas when logging from http://server/horde/ then printing, url is
https://server.domain2/horde/imp/view.php?view_token=ttt-ttt&actionID=print_attach&buid=bbb&id=1&mailbox=mmm&token=ttt-ttt&uniq=uuu
If I edit url with "invalid token" and just replace
"&%3Bview_token" with "&view_token" then reload, it works : the
window shows the expected result.
Any idea from where "&" was encoded to "&" when using frame ?